Infocomm Security Masterplan
The Infocomm Security Masterplan (Masterplan) provides the overarching plan in Singapore's continued national efforts to enhance cyber security.
Launched in February 2005, this three-year (FY 2005 - 2007) strategic roadmap is the result of extensive private and public sector feedback to increase the resilience of national critical infrastructure from cyber attacks and to maintain a secure infocomm environment for government, businesses and individuals.
The Masterplan has identified six strategies to secure Singapore's infocomm environment:
a. Securing the People Sector
b. Securing the Private Sector
c. Securing the Public Sector
d. Developing National Capability
e. Cultivating Technology and R&D
f. Securing National Infrastructure
1.1 National Trust Framework
Complementary to the Masterplan is the National Trust Framework (NTF), which was conceptualised in 2006 as part of IDA's iN2015 Masterplan. With the pervasive adoption of online services such as banking, healthcare and commerce, a trusted infocomm environment is essential to minimise security risks to valuable and sensitive data. Thus, the objective of the NTF is to develop a national framework that provides greater assurance and trust, so that Singapore can continue to leverage on its infocomm successes. To enhance Singapore's reputation as a trusted hub, the NTF has identified four key strategic thrusts:
a. Trusted infrastructure development
b. Manpower development
c. Education and adoption
1.1.1 Financial Sector
This framework is crucial for the survival of the financial sector, as it aims to build a trusted infocomm environment that can be relied upon. With many unforeseen uncertainties with respect to the sector, for example, in the IDA website, the industry was in a shock when Societe Generale, a banking giant in France, lost 4.9 bilion euro (US$7.44 billion) in a year due to fraudulent transactions by a mid-level trader. Hence, if Singapore is able to build up trust among the companies, it could very well benefit the sector and boost its competitiveness .
To achieve the objectives of the Masterplan and the NTF, some of the key initiatives that Singapore has undertaken include:
- National Cyberthreat Monitoring Centre (NCMC) that will provide Singapore with the capability for early detection of potentially devastating cyber attacks and the ability to respond to cyber security incidents in real time. The NCMC will consist of the Cyber Watch Centre (CWC) that provides round-the-clock monitoring of cyber-threats to critical installations, and the Threat Analysis Centre (TAC) that focuses on the analysis of cyber threats.
- National Infocomm Security Awareness Programme that aims to educate the end-users in the people, private and public sectors on infocomm security and increase their awareness level. Various initiatives employing the use of online media, print media (such as brochures, advertorials), web portals, road shows, seminars, educational learning resources (such as e-learning course and videos) as well as partnerships with the industry have been put in place to inculcate infocomm security awareness amongst the Internet users.
- Critical Infocomm Infrastructure Surety Assessment (CII-SA) project that was set up to assess the infocomm security readiness of Singapore's critical infocomm infrastructure (CII), and to ascertain the adequacy of the infocomm protection measures implemented by infrastructure owners and operators.
The Singapore Computer Emergency Response Team (SingCERT) was established in 1997 as a one-stop centre for security incident response in Singapore. It was set up to facilitate the detection, resolution and prevention of security related incidents on the Internet. The services that SingCERT provide include:
- Broadcasting of alerts, advisories and security patches
- Promoting security awareness by conducting security courses, seminars and workshops
- Collaborating with vendors, local and other national CERTs to resolve security incidents